—

Discover the power of cloud-computing with AWS and Salt

This article is the first one of a series showing how to use cloud-computing in media and entertainment (M&E workflow).
Cloud computing represents the future of infrastructure.

Every day, dozens of companies are moving from a traditional infrastructure to a cloud-based infrastructure. Even the biggest ones, such as Netflix, are moving all their computing to the Amazon or other clouds infrastructure.

AWS, Amazon Web Services, is a cloud computing platform offered by Amazon. It provides the power, flexibility and reliability your company needs.

However, it’s easy to get lost in this jungle; here’s a quick guide to get started on AWS and automate the setup and management of your cloud infrastructure with SaltStack.

AWS Console

Start an EC2 instance in your VPC

After creating an account, you will face the diversity of AWS. It covers everything from computing to storage. Today we are interested in creating a virtual server in the cloud, known as an EC2 Instance. Click on it to get started.

Create your instance

On this screen, you will find a summary of your instances : your default VPC (Virtual Private Cloud), how much are running, adding a new one, etc.
We will create a new instance, click on “Launch Instance”

Pick the distribution you are going to use

On this page, you will choose the image for your machine. You have the choice between the officials images provided by Amazon (mostly base operating systems) or more specific images provided by the community.

In our case, we will choose an Ubuntu image.

Decide the size of the instance

Depending on your needs, you have to choose a size for your instance. For test purposes, a t2.micro is enough. If you want to have more information like details and monthly pricing of the different instances, you can check this website http://www.ec2instances.info/?cost=monthly.

The flexibility of Amazon allows you to change the size of your instance whenever you want without reinstalling your application.

Launch this new instance

We will tune the other settings later, click on Review and Launch. A page will summarize your new instance, click on Launch.

Select the way to authenticate against your EC2 instance

In order to connect and authenticate against your instance, you need to generate a key pair. Select “create a new key pair”, give it a name and download it.

Assign a static IP

We need to assign an elastic ip to your server. Like that even if you decide to stop and start your instance, you will still have the same static IP address.

Click on Elastic ip and confirm that you want a new elastic ip. Do a right click on your ip and choose Associate ip. Fill the form with your instance, network interface and Private ip address range.

Your instance is now attached to your VPC. You can edit the configuration and do approximately everything from this dashboard. Let’s take some interest in the security group. Click on Security groups on the left panel.

Security groups management

AWS also ensures the security of your machines. Instead of using a traditional firewall on your router, Amazon provides you security groups.

Go into security groups in the left panel. You will see 2 entrees in the list. The first one represents the security rules of your VPC; by default, all the traffic (inbound and outbound) is allowed, we will leave it like that. The second group represents the rules applied to your instance, by default just inboud ssh is allowed.

Imagine you just added a web server to your instance. All you need is just to open the port 80 (http) inbound. It’s a very efficient way to manage traffic security.

Command line and bastion instance setup

ssh access

Now it’s time to use the key you previously downloaded. Open a terminal in the directory where you stored the key and run the commands below.

ssh -i youkey.pem ubuntu@YOUR_INSTANCE_IP
sudo -i

SaltStack setup

SaltStack is an open source configuration management, it will be your best friend to manage your Amazon private cloud. It offers you the ability to quickly create a new instance and deploy a configuration on it. One server is defined as the salt master, and the other ones are minions who are getting the configuration from their master.

Repository configuration

This commands below will setup the SaltStack official repository for Ubuntu 14.04 and install the salt packages.

SaltStack configuration deployment

We will configure a salt master on our bastion server. Let’s configure a salt profile, which will set up the bash configuration and a user profile for all our users. Today we will use this configuration only for our bastion / jump server but in the future when we will add more servers we will just have to apply to them the exact same configuration we did here.

You can see the following rule who will set all users in our top.sls with this specific line:

- generic.users

Running a “salt-call –local state.highstate” will apply the configuration to the master:

setting up the base system

creating local users

salt-call --local state.highstate

Now our bastion host also acting as a salt-master is up and running we will be able to use salt from there in the future to deploy and maintain new instances.

The salt configuration options are infinite and you can basically create a template for anything.

Next!

Now you have your EC2 bastion host up and running. In the next article, you will be able to setup your own transcoding instance through salt-cloud. Salt-cloud is a tool for automatically provisioning and managing cloud servers within and across supported cloud providers (AWS, rackspace, joyent…).